Module: Mpp::Methods::Tempo::Proof

Defined in:: lib/mpp/methods/tempo/proof.rb

Overview

EIP-712 proof credentials for zero-amount challenges.

Domain: { name: “MPP”, version: “1”, chainId } Types: { Proof: [{ name: “challengeId”, type: “string” }] } Message: { challengeId: <challenge.id> }

Constant Summary collapse

DOMAIN_NAME =

"MPP"

DOMAIN_VERSION =

"1"

DOMAIN_TYPE_HASH = EIP-712 domain separator type hash

"EIP712Domain(string name,string version,uint256 chainId)"

PROOF_TYPE_HASH =

"Proof(string challengeId)"

Class Method Summary collapse

.abi_encode(*values) ⇒ Object

ABI-encode values (packed 32-byte words).
.domain_separator(chain_id) ⇒ Object

Compute the EIP-712 domain separator.
.keccak256(data) ⇒ Object
.parse_source(source_str) ⇒ Object

Parse a proof source DID.
.recover_address(hash, sig_bytes) ⇒ Object
.sign(account:, chain_id:, challenge_id:) ⇒ Object

Sign a proof credential (client-side).
.signing_hash(chain_id:, challenge_id:) ⇒ Object

Compute the full EIP-712 signing hash.
.source(address:, chain_id:) ⇒ Object

Construct source DID for proof credentials.
.struct_hash(challenge_id) ⇒ Object

Compute the EIP-712 struct hash for Proof(challengeId).
.uint256(value) ⇒ Object
.verify(address:, chain_id:, challenge_id:, signature:) ⇒ Object

Verify a proof credential signature (server-side).

Class Method Details

.abi_encode(*values) ⇒ `Object`

ABI-encode values (packed 32-byte words).

# File 'lib/mpp/methods/tempo/proof.rb', line 97

def abi_encode(*values)
  values.map { |v|
    case v
    when String
      v.b.rjust(32, "\x00".b)
    when Integer
      uint256(v)
    end
  }.join
end

.domain_separator(chain_id) ⇒ `Object`

Compute the EIP-712 domain separator.

# File 'lib/mpp/methods/tempo/proof.rb', line 28

def domain_separator(chain_id)
  keccak256(
    abi_encode(
      keccak256(DOMAIN_TYPE_HASH),
      keccak256(DOMAIN_NAME),
      keccak256(DOMAIN_VERSION),
      uint256(chain_id)
    )
  )
end

.keccak256(data) ⇒ `Object`

# File 'lib/mpp/methods/tempo/proof.rb', line 22

def keccak256(data)
  Kernel.require "eth"
  Eth::Util.keccak256(data)
end

.parse_source(source_str) ⇒ `Object`

Parse a proof source DID. Returns { address:, chain_id: } or nil.

# File 'lib/mpp/methods/tempo/proof.rb', line 83

def parse_source(source_str)
  match = source_str.match(/\Adid:pkh:eip155:(0|[1-9]\d*):(.+)\z/)
  return nil unless match

  chain_id = Integer(match[1])
  address = match[2]
  return nil unless address.match?(/\A0x[a-fA-F0-9]{40}\z/)

  {address: address, chain_id: chain_id}
rescue ArgumentError
  nil
end

.recover_address(hash, sig_bytes) ⇒ `Object`

# File 'lib/mpp/methods/tempo/proof.rb', line 112

def recover_address(hash, sig_bytes)
  Kernel.require "eth"

  return nil unless sig_bytes.bytesize == 65

  sig_hex = "0x#{sig_bytes.unpack1("H*")}"
  # Use raw ecrecover (not personal_recover which adds EIP-191 prefix)
  recovered_key = Eth::Signature.recover(hash, sig_hex)
  Eth::Util.public_key_to_address(recovered_key).to_s
rescue => _e
  nil
end

.sign(account:, chain_id:, challenge_id:) ⇒ `Object`

Sign a proof credential (client-side).

# File 'lib/mpp/methods/tempo/proof.rb', line 57

def sign(account:, chain_id:, challenge_id:)
  hash = signing_hash(chain_id: chain_id, challenge_id: challenge_id)
  sig = account.sign_hash(hash)
  "0x#{sig.unpack1("H*")}"
end

.signing_hash(chain_id:, challenge_id:) ⇒ `Object`

Compute the full EIP-712 signing hash.

# File 'lib/mpp/methods/tempo/proof.rb', line 50

def signing_hash(chain_id:, challenge_id:)
  keccak256(
    "\x19\x01".b + domain_separator(chain_id) + struct_hash(challenge_id)
  )
end

.source(address:, chain_id:) ⇒ `Object`

Construct source DID for proof credentials.



78
79
80

# File 'lib/mpp/methods/tempo/proof.rb', line 78

def source(address:, chain_id:)
  "did:pkh:eip155:#{chain_id}:#{address}"
end

.struct_hash(challenge_id) ⇒ `Object`

Compute the EIP-712 struct hash for Proof(challengeId).

# File 'lib/mpp/methods/tempo/proof.rb', line 40

def struct_hash(challenge_id)
  keccak256(
    abi_encode(
      keccak256(PROOF_TYPE_HASH),
      keccak256(challenge_id)
    )
  )
end

.uint256(value) ⇒ `Object`



108
109
110

# File 'lib/mpp/methods/tempo/proof.rb', line 108

def uint256(value)
  [value].pack("Q>").rjust(32, "\x00".b)
end

.verify(address:, chain_id:, challenge_id:, signature:) ⇒ `Object`

Verify a proof credential signature (server-side).

# File 'lib/mpp/methods/tempo/proof.rb', line 64

def verify(address:, chain_id:, challenge_id:, signature:)
  Kernel.require "eth"

  hash = signing_hash(chain_id: chain_id, challenge_id: challenge_id)
  sig_bytes = [signature.delete_prefix("0x")].pack("H*")

  # Recover the signer address from the signature
  recovered = recover_address(hash, sig_bytes)
  return false unless recovered

  recovered.downcase == address.downcase
end

Module: Mpp::Methods::Tempo::Proof

Overview

Constant Summary collapse

Class Method Summary collapse

Class Method Details

.abi_encode(*values) ⇒ Object

.domain_separator(chain_id) ⇒ Object

.keccak256(data) ⇒ Object

.parse_source(source_str) ⇒ Object

.recover_address(hash, sig_bytes) ⇒ Object

.sign(account:, chain_id:, challenge_id:) ⇒ Object

.signing_hash(chain_id:, challenge_id:) ⇒ Object

.source(address:, chain_id:) ⇒ Object

.struct_hash(challenge_id) ⇒ Object

.uint256(value) ⇒ Object

.verify(address:, chain_id:, challenge_id:, signature:) ⇒ Object